Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Crypto add opensslerror stack #15518

Closed
wants to merge 8 commits into from

Conversation

gla5001
Copy link
Contributor

@gla5001 gla5001 commented Sep 21, 2017

Feature request to add openSSL error stack to the exception object
thrown from crypto. New exception property only added to object
if the error stack has not cleared out prior to calling
ThrowCryptoError.

I did something very wrong when trying to rebase, so i just created a new branch and a new PR. This PR has all the changes requested from #14725. I will close the other one.

Refs: #5444

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
Affected core subsystem(s)

crypto

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. labels Sep 21, 2017
@@ -193,7 +193,7 @@ detailing the point in the code at which the `Error` was instantiated, and may
provide a text description of the error.
Copy link
Contributor Author

@gla5001 gla5001 Sep 21, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This commit has the latest review comment fixes.
@bnoordhuis, i believe i've addressed all of your comments. Thanks for the review.

if (es->bottom != es->top) {
Local<Array> error_stack = Array::New(env->isolate());
int top = es->top;

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now, we wont add the property to the exception every time.

// arithmetic to loop back around in the case where bottom is after top.
// Using ERR_NUM_ERRORS macro defined in openssl.
es->top = (((es->top - 1) % ERR_NUM_ERRORS) + ERR_NUM_ERRORS) %
ERR_NUM_ERRORS;
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

handle the ring buffer with modular arithmetic

@@ -4326,8 +4339,6 @@ SignBase::Error Verify::VerifyFinal(const char* key_pem,
int r = 0;
EVP_PKEY_CTX* pkctx = nullptr;

ERR_set_mark();

bp = BIO_new_mem_buf(const_cast<char*>(key_pem), key_pem_len);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is not needed

err.openSSLErrorStack !== undefined &&
Array.isArray(err.openSSLErrorStack) &&
err.openSSLErrorStack.length === 0) {
err.openSSLErrorStack === undefined) {
return true;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

update test since the openSSLErrorStack is not always added

@gla5001
Copy link
Contributor Author

gla5001 commented Sep 21, 2017

The only new commit is 720a5af. Everything else was reviewed in #14725.

@jasnell
Copy link
Member

jasnell commented Sep 21, 2017

ping @nodejs/crypto

@@ -193,7 +193,7 @@ detailing the point in the code at which the `Error` was instantiated, and may
provide a text description of the error.

For crypto only, `Error` objects will include the OpenSSL error stack in a
separate property called `openSSLErrorStack` if it is available when the error is thrown.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

long line here?

Copy link
Member

@indutny indutny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@BridgeAR
Copy link
Member

BridgeAR commented Sep 27, 2017

@BridgeAR
Copy link
Member

@gla5001 when trying to rebase this on the CI it gets a conflict. I am a bit surprised that this is not shown here but would you be so kind and rebase this nevertheless?

@gla5001
Copy link
Contributor Author

gla5001 commented Sep 28, 2017

@BridgeAR sure thing

@gla5001 gla5001 force-pushed the crypto-add-opensslerror-stack branch from 537284e to 2ad7440 Compare September 28, 2017 03:16
@gla5001
Copy link
Contributor Author

gla5001 commented Sep 28, 2017

@BridgeAR rebased and pushed. Could you let me know if this resolves the issue?

@BridgeAR
Copy link
Member

CI https://ci.nodejs.org/job/node-test-pull-request/10302/

@BridgeAR
Copy link
Member

Landed in ccfcd88

@BridgeAR BridgeAR closed this Sep 28, 2017
BridgeAR pushed a commit that referenced this pull request Sep 28, 2017
Add openSSL error stack to the exception object thrown from crypto.
The new exception property is only added to the object if the error
stack has not cleared out prior to calling ThrowCryptoError.

PR-URL: #15518
Refs: #5444
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
MylesBorins pushed a commit to MylesBorins/node that referenced this pull request Sep 28, 2017
Add openSSL error stack to the exception object thrown from crypto.
The new exception property is only added to the object if the error
stack has not cleared out prior to calling ThrowCryptoError.

PR-URL: nodejs#15518
Refs: nodejs#5444
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
@bnoordhuis
Copy link
Member

The commit log could have had a link to #14725, that's where 95% of the review took place. This comment will have to do.

MylesBorins pushed a commit that referenced this pull request Sep 29, 2017
Add openSSL error stack to the exception object thrown from crypto.
The new exception property is only added to the object if the error
stack has not cleared out prior to calling ThrowCryptoError.

PR-URL: #15518
Refs: #5444
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
addaleax pushed a commit to addaleax/ayo that referenced this pull request Sep 30, 2017
Add openSSL error stack to the exception object thrown from crypto.
The new exception property is only added to the object if the error
stack has not cleared out prior to calling ThrowCryptoError.

PR-URL: nodejs/node#15518
Refs: nodejs/node#5444
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
MylesBorins pushed a commit that referenced this pull request Oct 3, 2017
Add openSSL error stack to the exception object thrown from crypto.
The new exception property is only added to the object if the error
stack has not cleared out prior to calling ThrowCryptoError.

PR-URL: #15518
Refs: #5444
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
@MylesBorins MylesBorins mentioned this pull request Oct 3, 2017
MylesBorins pushed a commit that referenced this pull request Oct 3, 2017
Add openSSL error stack to the exception object thrown from crypto.
The new exception property is only added to the object if the error
stack has not cleared out prior to calling ThrowCryptoError.

PR-URL: #15518
Refs: #5444
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
@MylesBorins
Copy link
Contributor

MylesBorins commented Oct 17, 2017

Should this be backported to v6.x-staging? If yes please follow the guide and raise a backport PR, if not let me know or add the dont-land-on label.

edit: this likely shouldn'y be backported if it is changing error messages prior to error codes... but I wanted to confirm

@gla5001
Copy link
Contributor Author

gla5001 commented Oct 17, 2017

@MylesBorins I believe it should not be backported.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants